TO ZOOM OR NOT TO ZOOM!
Like many organizations in recent weeks, we have relied on Zoom for communications with vendors and customers alike. However, it appears all that may change in light of new revelations for the company. Jonathan Dames published an article, excepts below, on April 9 that details the pending issues Zoom is facing.
"Two lawsuits filed by investors allege the company, Zoom, misled shareholders in violation of federal securities law. The alleged violations included claims in regulatory filings that its service uses "end-to-end encryption." End-to-end encryption generally refers to a method of securing online communications that keeps content encrypted at all points in its journey between endpoints. The technique gives users sole control over the keys used to unlock the data.
Two lawsuits lodged by users of the video conferencing service claim Zoom deceived customers by using the same encryption term in marketing materials. The false claim violated various California state laws, the suits said.
In contrast, Zoom, like most online meeting providers, has access to video encryption keys by default. Also, it decrypts video content to support third-party devices and provide premium services like transcription. A report in The Intercept raised questions about Zoom's use of the term end-to-end encryption last week. Shortly after that, Zoom apologized for "incorrectly suggesting that Zoom meetings were capable of using end-to-end encryption."
Zoom's privacy and security practices have come under increased scrutiny in recent weeks. Many new customers have begun using the video conferencing product amid the coronavirus pandemic, including universities and K-12 school systems. On March 31, Jonathan Dame wrote, " two Zoom subscribers have sued the video conferencing company in separate class-action lawsuits, accusing it of sharing user data with Facebook without permission.
The federal lawsuits, filed Monday March 30th and Tuesday March 31, allege Zoom failed to properly disclose that its iOS app was transmitting information about users' devices to the social media giant. Zoom released a new version of its client for Apple mobile devices on Friday to remove the connection to Facebook. However, users must install the update themselves. Before the fix, the app informed Facebook about each user's IP address, advertising ID, mobile carrier, device model, iOS version, time zone and language settings, among other data, according to the lawsuit.
Zoom said it was unaware Facebook was collecting those metrics before an investigation by the news outlet Vice brought the issue to light last week. The video conferencing company apologized to customers and said it was reviewing its protocols to avoid similar missteps in the future."